Learn essential npm package security and version management in this 20-minute tutorial video. Master security checks implementation using Snyk, understand semantic versioning principles, and set up automated release processes. Follow step-by-step guidance on obtaining npm access tokens, running test deployments, and establishing repository workflows. Explore conventional commits and discover how to implement continuous security monitoring for your packages. Access additional resources including a complementary blog post on building npm packages for ESM and CJS, along with a modern npm package repository example on GitHub. Perfect for developers looking to enhance their npm package security and streamline version management processes.
NPM Security and Package Version Management - A Guide to Safe Publishing
Overview
Syllabus
00:00 - Intro
00:28 - Adding security checks with Snyk
04:20 - What is semantic versioning?
05:35 - Getting set up with semantic release
08:28 - How to get an npm access token
10:36 - Dry run test
12:37 - Creating a new workflow for the repository
16:16 - What are conventional commits?
17:30 - Free continuous monitoring with Snyk
19:22 - Outro
Taught by
Snyk
